Cisco Catalyst Center Privilege Escalation Vulnerability
TL;DR 📌
A privilege escalation vulnerability has been identified in Cisco Catalyst Center, allowing authenticated users to perform actions requiring Administrator privileges. The highest CVSS score is 4.3 (Medium). Users are advised to upgrade to fixed software releases as there are no workarounds available.
What happened 🕵️‍♂️
A vulnerability in Cisco Catalyst Center could enable an authenticated, remote attacker to execute operations that should be restricted to Administrator privileges. This issue arises from improper role-based access control (RBAC). An attacker with valid read-only user credentials could exploit this vulnerability by logging in and modifying certain policy configurations reserved for the Administrator role.
Affected products 🖥️
The vulnerability affects Cisco Catalyst Center, including both virtual and hardware appliances, regardless of device configuration.
Fixed software 🔧
Upgrade to the first fixed release in your train (or later):
| Release / Product | First Fixed Release | Notes |
|---|---|---|
| Cisco Catalyst Center 2.3.7 and earlier | 2.3.7.10 | Upgrade to 2.3.7.10 or later |
| Cisco Catalyst Center 3.1 | Not affected | |
Workarounds 🧯
There are no workarounds available for this vulnerability.
Risk in context 🎯
With a CVSS score of 4.3, this vulnerability is rated as Medium risk. While it requires authenticated access, the potential for an attacker to escalate privileges poses a significant threat to the integrity of system configurations.
Fast facts ⚡
- Vulnerability: Cisco Catalyst Center Privilege Escalation
- CVSS Score: 4.3 (Medium)
- Exploitation: Requires valid user credentials
- Workarounds: None available
- Fixed Software: Upgrade to 2.3.7.10 if on 2.3.7 or earlier
For leadership 🧭
This vulnerability presents a Medium risk (CVSS 4.3) as it requires authenticated access to exploit, but it allows for unauthorized privilege escalation. The exposure is limited to users with valid credentials, but the potential for altering critical configurations is concerning. Immediate action is required to mitigate risks by upgrading to the fixed software version within 7 days.
- Now: Assess current software versions and identify affected systems.
- Next: Plan and execute the upgrade to the fixed software version 2.3.7.10.
- Later: Monitor for any signs of exploitation and ensure user credential management is robust.
Operational impact is expected to be minimal with a brief maintenance window, and no configuration drift is anticipated.
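For the "Now" step, a small triage helper that classifies each appliance's reported version against the boundaries in the fixed-software table (2.3.7 and earlier fixed in 2.3.7.10; 3.1 not affected). This is an added example, not Cisco tooling, and the inventory it runs over is constructed sample data.

```python
"""Triage Cisco Catalyst Center versions against this advisory's fixed-software table."""
from typing import Dict, Tuple

# Boundaries taken from the advisory table above.
FIRST_FIXED_2_3_7 = (2, 3, 7, 10)   # 2.3.7 and earlier -> first fixed 2.3.7.10
NOT_AFFECTED_TRAIN = (3, 1)         # 3.1 train is not affected


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted version string such as '2.3.7.6' into a comparable tuple."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Return 'vulnerable', 'fixed', 'not affected', or 'not covered'.

    'not covered' flags versions the advisory table says nothing about
    (e.g. a train between 2.3.7 and 3.1), so they are reviewed by hand
    rather than silently treated as safe.
    """
    v = parse_version(version)
    if v[:2] >= NOT_AFFECTED_TRAIN:
        return "not affected"
    if v[:3] <= (2, 3, 7):
        # Tuple comparison handles short strings: (2, 3, 7) < (2, 3, 7, 10).
        return "fixed" if v >= FIRST_FIXED_2_3_7 else "vulnerable"
    return "not covered"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in {hostname: version} to its advisory status."""
    return {host: assess(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE_INVENTORY = {
    "catc-dc1": "2.3.7.6",
    "catc-dc2": "2.3.7.10",
    "catc-lab": "2.3.5.3",
    "catc-new": "3.1.0.0",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```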